DETAILED ACTION

1. This action is responsive to communications filed on 22 October 2004. Claims 1-40 are 
pending in this Office Action. 



Response to Arguments 

2. The declaration and Exhibit A, B, C and D filed on 22 October 2004 under 37 CFR 1.131 
have been considered but are ineffective to overcome the Ayi et al. (Pub. No.: 2002/0143735
A1).

First, the declaration is defective because the declaration is not signed by all the inventors 
[See MPEP 704,715]. 

Second, applicants are relying on actual reduction to practice prior to the reference date 
to antedate the reference. In general, proof of actual reduction to practice requires a showing that 
the apparatus actually existed and worked for its intended purpose [MPEP 715.07]. However, no 
such evidence has been supplied. Exhibit A, B, C and D do not qualify as evidence because they 
do not have date and time to prove the apparatus actually existed and worked for its intended 
purpose prior to the reference date. 

Moreover, applicants rely on various written descriptions to prove reduction to practice. 
Written description alone does not constitute an actual reduction to practice. Because applicants 
rely solely on the documents describing the invention, no reduction to practice has been shown. 
Note that such documentation may support conception.

Furthermore, a general allegation that the invention was completed prior to the date of the 
reference is not sufficient. Ex parte Saunders, 1883 C.D. 23, 23 O.G. 1224 (Comm'r Pat. 1883).
Similarly, a declaration by the inventor to the effect that his or her invention was conceived or
reduced to practice prior to the reference date, without a statement of facts demonstrating the 
correctness of this conclusion, is insufficient to satisfy 37 CFR 1.131. 

The affidavit or declaration and exhibits must clearly explain which facts or data 
applicant is relying on to show completion of his or her invention prior to the particular date.
Vague and general statements in broad terms about what the exhibits describe along with a 
general assertion that the exhibits describe a reduction to practice "amounts essentially to mere 
pleading unsupported by proof or a showing of facts" and, thus does not satisfy the requirements 
of 37 CFR 1.131(b). In re Borkowski, 505 F2d 713, 184 USPQ 29 (CCPA 1974). Applicant 
must give a clear explanation of the exhibits pointing out exactly what facts are established and
relied on by applicant. 505 F2d at 718-19. 184 USPQ at 33. See also In re Harry, 33 F2d 920, 
142 USPQ 164 (CCPA 1964) (Affidavit "asserts that facts exist but does not tell what they are or 
when they occurred.") [MPEP 715.07]. 

The declaration submitted by the applicants is just a general allegation that the establish
conception and reduction to practice of the invention prior to the Ayi reference. Applicants do 
not point out any concrete evidence in the declaration for the claimed invention. For example, 
the limitations "determining which policies, of the plurality of label-based policies, apply to the 
table based on a policy set of one or more policies associated with the table" in the claim 1 are 
not mapped to corresponding portions of the applicants' submitted declaration and the examiner 
does not find sufficient support in the declaration for the aforementioned claim limitations. 
Therefore, the declaration is ineffective to overcome the Ayi reference. 

3. As per applicant's arguments regarding Hayman does not teach registering, with a
database management system a package that includes an access mediation routine and invoking
the access mediation routine to determine whether to allow operation on data in the first table 
have been considered but are not persuasive. Hayman teaches a security system that provides 
access control and places security labels on each data or other system resource, and on each user 
process. A hierarchy of labels is created ranging from highly secret to commonly accessible and 
strict policies are enforced by the security system based on these labels to determine who has 
what type of access to which data files or other system resource (Hayman, col. 1, lines 49 - col. 
2, line 8, col. 5, lines 18-60). The security system allows each process to be assigned a set of 
capabilities (or privileges) which it can invoke during its existence . . . For example, the user may 
decide to change his password. To do this, the user must update the system files which store his 
password and other associated information. However, the user is not usually allowed access to 
these files, so the change password program must provide the ability to access these files. The 
program is responsible for ensuring that the extra capabilities are only used for the purpose for 
which they were intended, and the extra capabilities are automatically removed when the change 
password program terminates (Hayman, col. 2, line 45 - col. 3, line 8). Clearly, the security 
program, such as the change password program, is registered with the database management 
system, and implements a package of security routines and policies, such as asking the user to 
enter a new password, receiving the new password, accessing the password file, changing the old 
password to the new password, and terminating the change password program. Furthermore, 
Hayman teaches a reference monitor that mediates all the requests for access to an object by a 
subject, and thus controls whether, and to what extent, the subject is granted access to the object 
(Hayman, col. 9, line 55 - col. 10, line 4). Therefore, the arguments are not persuasive. 

Claim Rejections - 35 USC §103

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

5. Claims 1-5 and 21-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over Ayi 
et al. (hereinafter "Ayi", Pub. No.: US 2002/0143735) in view of Hart (5,787,428). 

As per claim 1, Ayi teaches a method for managing access to data in a database subject to 
a plurality of label-based security policies, the method comprising the steps of: 

receiving, within a database management system, a request for performing an operation 
set of one or more operations on data in a table of the database (Ayi, page 1, [0006] - [0008]); 

determining which policies, of the plurality of label-based policies, apply to the table 
based on a policy set of one or more policies associated with the table (Ayi, page 1, [0006] -
[0008]). 

Ayi discloses determining whether to perform an operation/access on a dataset based on 
the label associated with the dataset (Ayi, page 1, [0006]). Ayi does not explicitly disclose 
whether to perform the operation on a row of the table. Hart teaches determining whether to 
perform the operation on a row of the table based on a set of labels associated with the row (Hart, 
Fig. 4-8, col. 6, lines 5-19). Therefore, it would have been obvious to one of ordinary skill in the 
art at the time the invention was made to modify the access control system of Ayi by 
incorporating determining whether to perform the operation on a row of the table based on a set 
of labels associated with the row as disclosed by Hart (Hart, Fig. 4-8, col. 6, lines 5-19). The
motivation being to provide different security level and access management for different rows in 
the table. 

As per claim 2, Ayi and Hart teach all the claimed subject matters as discussed in claim
1, and further teach adding a policy column to the table for each policy in the policy set
associated with the table (Hart, Fig. 4). 

As per claim 3, Ayi and Hart teach all the claimed subject matters as discussed in claim
2, and further teach storing a label, of the set of labels associated with the row, in a
corresponding policy column of the row (Hart, Fig. 4). 

As per claim 4, Ayi and Hart teach all the claimed subject matters as discussed in claim 
2, and further teach said step of determining which policies apply further comprising the step of 
determining whether a column is a policy column (Hart, Fig. 4-8, col. 6, lines 5-19). 

As per claim 5, Ayi and Hart teach all the claimed subject matters as discussed in claim 
1, and further teach the policy set associated with the table includes two or more policies of the 
plurality of label-based policies (Ayi, page 1, [0006]-[0008], Hart, Fig. 4-8). 

Claims 21-25 are rejected on grounds corresponding to the reasons given above for 
claims 1-5. 

6. Claims 6-20 and 26-40 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hayman et al. (hereinafter "Hayman", 5,859,966) in view of Ayi et al. (hereinafter "Ayi", Pub. 
No.: US 2002/0143735 A1).

As per claim 6, Hayman discloses a method for managing access to data in on a policy set 
of one or more label-based security policies, the method comprising the steps of: 



Application/Control Number: 10/006,543 Page 7 

Art Unit: 2162 

Registering one or more packages of routines, wherein each package of said one or more 
packages implements a security model that supports a model set of one or more policies of the 
policy set and said each package includes an access mediation routine (Hayman, col. 1, line 53 - 
col. 3, line 8, col. 5, lines 18 - col. 60); 

associating a first policy of a first model set in a first package with an object (Hayman, 
col. 5, lines 18-60, Hayman teaches labels/policies are applied to each object. Please note the
labels are plural, which inherently includes a first policy, a second policy, etc); and 

invoking the access mediation routine in the first package to determining whether to 
allow operation on data based on the first policy (Hayman, col. 9, line 55 - col 10, line 4). 

Hayman teaches the security policy is applied to an object, however, Hayman does not 
explicitly disclose the object is a first table within the database system. Ayi teaches applying
labels to tables in the database system (Ayi, page 1, [0006]-[0008]). Therefore, it would have 
been obvious to one of ordinary skill in the art at the time the invention was made to modify the 
security system of Hayman by applying the labels/policies to tables in the database system as 
disclosed by Ayi. The motivation being to control access to the data in a table of the database 
system. 

As per claim 7, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 6, and further teach forming said each package of said one or more packages so that the 
access mediation routine conforms to a specified interface for enforcing a policy in the database 
management system (Hayman, col. 9, lines 1-13). 

As per claim 8, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 7, and further teach said each package further comprising including one or more 
administrative routines for defining a policy for the model set (Hayman, col. 9, line 55 - col. 10,
line 4). 

As per claim 9, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 8, and further teach one or more administrative routines for defining a policy further 
comprising including one or more administrative routines for defining a name for a particular 
policy; labels for the particular policy; descriptions for the labels; and properties for the labels 
(Hayman, col. 5, lines 18-60). 

As per claim 10, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 6, and further teach invoking an administrative routine of the first package for defining the 
first policy (Hayman, col. 5, lines 18-60). 

As per claim 11, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 10, and further teach invoking the administrative routine of the first package further 
comprising providing to the administrative routine of the first package a plurality of parameters 
including a policy name for the first policy and a plurality of label names for labels of the first 
policy (Hayman, col. 5, lines 18-60, col. 6, lines 45-67). 

As per claim 12, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 6, and further teach in response to attempts to operate on data in a row in the table, the step 
of determining that the first policy applies to the table (Hayman, col. 5, lines 25-39, Ayi, page 1, 
[0006]-[0008]). 

As per claim 13, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 6, and further teach associating a second policy of a second model set in a second package 
with a second table within the database system; and invoking the access mediation routine in the 
second package for determining whether to allow operation on data in the second table based on
the second policy (Ayi, page 1, [0006]-[0008]). 

As per claim 14, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 13, and further teach the second model in the second package is the same as the first model 
in the first package (Hayman, col. 5, lines 25-60, Ayi, page 1, [0006]-[0008]). 

As per claim 15, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 13, and further teach the second model in the second package is different from the first 
model in the first package (Hayman, col. 5, lines 25-60, Ayi, page 1, [0006]-[0008]). 

As per claim 16, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 13, and further teach the second table is the same as the first table (Hayman, col. 5, lines
25-60, Ayi, page 1, [0006]-[0008]). 

As per claim 17, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 13, and further teach the second table is different from the first table (Hayman, col. 5, lines 
25-60, Ayi, page 1, [0006]-[0008]). 

As per claim 18, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 6, and further teach invoking the access mediation routine in the first package further 
comprising providing data indicating the first policy to the access mediation routine (Hayman, 
col. 9, line 55 - col. 10, line 4).

As per claim 19, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 6, and further teach the method further comprises the step of determining a set of allowed 
labels for the first policy for a user of the database management system; said step of invoking the 
access mediation routine is performed during said step of determining the set of allowed labels; 
and the user is allowed to operate on the data according to the first policy if the data is associated
with a label for the first policy and the label is included in the set of allowed labels for the first 
policy (Hayman, col. 5, lines 25-60, col 9, line 55 - col. 10, line 4). 

As per claim 20, Hayman and Ayi teach all the claimed subject matters as discussed in 
claim 19, and further teach storing the set of allowed labels in a session cache for a 
communication session between the database management system and the user (Hayman, col. 8, 
lines 54-67, Ayi, page 1, [0006]-[0008]). 

Claims 26-40 are rejected on grounds corresponding to the reasons given above for 
claims 6-20. 

Contact Information 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Chongshan Chen whose telephone number is (571)272-4031. 
The examiner can normally be reached on Monday - Friday (8:00 am - 4:30 pm). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, John E Breene can be reached on (571)272-4107. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

March 16, 2005



